It's frightening to me how many people just don't (or refuse to) understand the heart of the problem, in that they are perfectly willing to let every tiny freedom slip away one at a time because "that doesn't affect me right now".

You may be the favored demographic today, but as political leaders change, and, more importantly, laws change, you may find a bulls-eye on your back tomorrow when someone in power doesn't like something you say or do that was, yesterday, considered perfectly harmless.

You have actively been suspected of wrongdoing. The reasons why you might be suspected have been presented to an impartial(at least in theory, this part could always use work) judge. That judge, upon reviewing those reasons has determined that you should be investigated for possibly committing a crime. At this point you are not convicted, but data like this could be used to show whether you have done something or not. Then you get a day in court, to defned against this evi

And they still wouldn't delete it.If a user tried to sue, they'd say all their records were "anonymized", and thus no one user can claim any damages because they can't prove their records were used against their wishes.If any group of users tries to start a class action, they'll point to the bullshit arbitration clause (no class action suits) in the EULA.If a state tries to protect consumers and say "that clause is illegal", they'll just buy off the supreme court of the state.

That's debatable, and several courts have allowed things like location trackers without warrant, and the searching of cell phones and computers. There's a new bill in the works to explicitly require warrants for electronic surveillance.

As much as I think it should be, it is by no means obvious that knowledge of a particular person's current or past locations constitutes a "search or seizure".

Sure it's easier with a database, but police don't need a warrant to go to the coffee shop and as "has Joe Blow been here recently?" nor should they. I think this is a much more genuine debate than most people see it as, although I don't think having complete information of past locations is the same, and thus should be subject to a warrant and ju

I didn't notice at first, but you and me had a conversation over a similarly charged topic yesterday. I just wanted to say, in regard to that, that while I think you were too absolutist, you made several good points, and I hope you don't simply respond with anger to this particular comment.

What rooms you spend the most time in at home is not, unless you give someone permission to upload your GPS data it to the web for others to see. (and yes, even with GPS's shitty accuracy it's possible to figure that out, statistically)

Perhaps. But at least they'll have to explicitly state that they're collecting the data and also tell you how they're sharing it. They'll also have to give you a way to delete your data. It's a big step in the right direction.

The data could be associated to a non-reversible hash of identity information disclosed only to you. You tell them to delete all data associated with the hash. Technically it isn't anonymous, it's pseudonymous: the hash is your pseudonym.

Yes, but it DOESN'T require your consent when it sends that location information, along with a unique device identifier, back to Apple.

And if you think I'm referring to that whole thing a while back about how your iPhone "track you" in a secret file, I'm not. It turns out that whenever anything looks up a location on your iPhone - and this includes things like the camera! - the iPhone will look for nearby WiFi sites, and then upload your GPS coordinates along with a list of WiFi sites to Apple. This is sent

Today most browsers that can expose location prompt the user before doing so. It sounds like this bill would require the websites to also obtain explicit permission, meaning to share your location you would always have to click "ok" twice in a row. Seems like a pain; why not continue to rely on the core browser/OS to manage these permissions?

In the best case scenario, the OS keeps track of requests for location by apps and guarantees that the first request is always preempted by a user dialog.In an almost worst case scenario, the OS depends on static analysis and misses dynamic calls (reflection where available) and side loaded applications that are filled with trojan functionality.In the worst case scenario, the OS maker buries the consent in the Terms of Service.

I believe that every application on iOS already faces the best case, but it may b

Apple had the data on the device and included it in a readable format in backups to your sync machine, but they weren't "collecting" it in any meaningful sense of the word. The info wasn't being sent back to Apple or to third parties without consent, it was used as a cache to speed local operations. Is caching now considered collecting?

Apple had the data on the device and included it in a readable format in backups to your sync machine, but they weren't "collecting" it in any meaningful sense of the word. The info wasn't being sent back to Apple or to third parties without consent, it was used as a cache to speed local operations. Is caching now considered collecting?

Good question. It seems the bill forbids the company from collecting the data from the phone, but there's nothing stating that the phone can't keep on recording that data.

While the data you specified was indeed a cache that was not being uploaded to Apple or third parties, Apple did confirm elsewhere that they do collect location data in order to crowd source the effort of locating Wi-Fi hotspots. They also mentioned that they are building some sort of automobile traffic monitoring service.

That said, I don't see how this bill would change much. The data Apple is sent is anonymized, and they only collect it if you agree to turn on Location Services. Likewise, third parties do

Actually it could change something, if Apple is required to be able to delete the data on request then the data can not be anonymized. Unless the bill says that the requirement to delete data on request does not apply to anonymized data.

Cache comes from the Latin cogere. To collect. A cache is a collection.The modern (bastardized by the French) usage of a cache adds "hidden" to the meaning.

Apple storing location data in a specific location it knows about and consumers don't (or don't have access to / full control over) is both collecting it and hiding it.They may not be retrieving that information, nor may they have any intent to do so.But they are collecting it.

This legislation is a breath of fresh air in a world where people buy and sell information about me for their marketing purposes. Let me add to this though...

I hope that this legislation will require that this consent must be obtained outside a standard EULA.
I hope that this legislation can be extended to ANY device that tracks my location, such as future cars.
I hope that this legislation can be extended to REQUIRE a warrant before any one can provide this information to the government.

Unfortunately, we still live in an America in which someone who votes against the Patriot Act will be demogogued in the next election as being "soft on terrorists" and not caring enough about the safety of Americans.

Of course they can be bought. Nominally they're bought by the voters, who pay by returning the guy to congress for particular legislation. But voter votes are bought by the representative, either by voting for particular legislation or trading for votes that get particular legislation through while losing other legislation.

It's not a bad system; it's just more complicated than "shut up and raise your hand the way we tell you to or we won't vote for you in November". It's what you get for boiling the resu

Sounds good to me. Haven't heard of any legislations passed recently that actually solves any problems held by the people of the United States. A government that does nothing, except in situations important enough to overcome partisanship, sounds almost ideal.

I like the disclosure aspects of the bill, but I hope it doesn't hinge on the personal aspect of the data. If data that has undergone anonymization can still be used without consent, then this bill might as well not exist.

One of the easiest things possible is to de-anonymize anonymous location data sets. I suspect that looking at:

Asking for consent is absolutely meaningless. In order to get security updates, you'll have to accept the new EULA and will be forced to agree to whatever they ask.

The only way out is to make it illegal to store any more data then is absolutely necessary (e.g. a train time table app only needs your location *now* to find the nearest station, but has no business of retaining that data) for the normal operation of the application.

Yeah, it immediately reminded me of the 40+ page EULA I had to agree to just to update my already-purchased-apps from the iTunes store. Not to mention they seem to update this absurd EULA about every week, asking you to approve it every time. I'm pretty sure I have now agreed to become a human centipede.

What Franken *should* be doing is passing legislation that makes any EULA that can't reasonably be expected to be read by the average consumer (say, a 40 page document displayed on an iPhone screen and upd

So they want to restrict private companies from collecting and sharing someone's location data, yet the federal government is planning on implementing a rule that requires someone flying in a private plane to have a verified and approved security threat before they will prevent the government's location tracking to be made public. http://www.nbaa.org/ops/security/barr/20110318-barr-bolen-aopa.php [nbaa.org] This is referred to as the TMZ bill since it will allow paparazzi to know the location of celebrities. It will al

All I can see is that I made 1 political donation, and now the FCC posted my information, name, address, age, political affiliations, and an insight into my financial status (how much I donated is how much disposable income I had at that time,) all over the internet for anyone to see. At no time was I warned that this would happen, nor did I opt in.

I've opted into Google's services, and not 1 shred of my information shows up from that on the internet.

"Lies and the Lying Liars Who Tell Them is a satirical book on American politics by comedian, political commentator and now Senator Al Franken, published in 2003 link [wikipedia.org] - Amazon.com Review [amazon.com]